CVE-2022-2884: 
GitLab vulnerability analysis and mitigation

A critical vulnerability (CVE-2022-2884) was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, and 15.3 to 15.3.1. The vulnerability was reported by security researcher 'yvvdwf' through HackerOne's bug bounty program and was disclosed on August 22, 2022 (GitLab Release, Hacker News).

The vulnerability allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint. It received a Critical severity rating with a CVSS score of 9.9 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). The issue is related to how GitLab handles GitHub import functionality, specifically in the way it processes API responses (Security Online).

A successful exploitation of this vulnerability could enable a malicious actor to execute arbitrary code on the target system, potentially leading to complete system compromise. This could allow attackers to run malicious code, inject malware and backdoors, and gain full control of susceptible GitLab instances (Hacker News).

GitLab has released patches in versions 15.3.1, 15.2.3, and 15.1.5 to address this vulnerability. For users unable to upgrade immediately, a temporary workaround is available by disabling the GitHub import feature. This can be done by logging in as an administrator, navigating to Admin > Settings > General, expanding the 'Visibility and access controls' tab, and disabling the 'GitHub' option under 'Import sources' (GitLab Release).